<?php
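	// Resume the session so the login marker can be checked.
	session_start();

	// Requests without a login marker are sent back to the site entry page.
	// header() only queues the Location header; without exit the script keeps
	// running, and the INSERT/UPDATE/DELETE statements further down would
	// still execute for a visitor who is not logged in.
	if (!isset($_SESSION['sesi_login'])) {
		header("Location:../../index.php");
		exit;
	}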

	// Move the working directory two levels up so getcwd() yields the
	// application root. The @ hides a failed chdir(); in that case ABS_URL
	// silently becomes whatever the working directory was before the call.
	@chdir("../../");
	// ABS_URL: current working directory with backslashes normalised to "/".
	define('ABS_URL',str_replace("\\","/",getcwd()));
	require ABS_URL.'/engine/Smarty.class.php';
	require ABS_URL."/functions/class.query.inc.php";
	// NOTE(review): $smarty is not read again in this file; presumably one of
	// the includes below expects it to exist. Confirm.
	$smarty = new Smarty();
	// NOTE(review): presumably opens the database link that the mysql_query()
	// calls later in this script rely on. Confirm.
	require ABS_URL."/dev_con.inc.php";
	require ABS_URL."/functions/func_file.php";
	$queryData = new queryData();
	$queryData->baseConfig();
	require ABS_URL."/functions/func_content.php";
	// BASE_LANGUAGE is not defined in this file and becomes part of two
	// require paths. NOTE(review): confirm it can only hold a fixed set of
	// language codes and is never derived from request data, because require
	// loads and executes whatever file the resulting path names.
	require ABS_URL."/langs/".BASE_LANGUAGE.'.inc.php';
	require $queryData->get_curr_dir(dirname(__FILE__))."/langs/".BASE_LANGUAGE.'.inc.php';

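	// Entity strings (plus bare ";" and "&") replaced in the group name after
	// htmlspecialchars() has run; each entry maps position-for-position onto
	// $arrReplace.
	// NOTE(review): the sixth entry starts with an apostrophe ("'&#8482;"),
	// which looks unintended. Confirm before changing it.
	$arrSearch = array("&nbsp;","&lt;","&gt;","&amp;","&quot;","'&#8482;","&copy;","&reg;","&rsquo;",";","&");
	$arrReplace = array("_","_","_","_","_","_","_","_","_","","");

	// Read each field defensively: a missing key or an array-valued field
	// (e.g. "hakakses[]=x") is treated as an empty string instead of raising
	// notices or being string-converted.
	$rawNama = (isset($_POST['hakakses']) && is_string($_POST['hakakses'])) ? $_POST['hakakses'] : '';
	$rawAlias = (isset($_POST['aliasAkses']) && is_string($_POST['aliasAkses'])) ? $_POST['aliasAkses'] : '';

	// Group name: trimmed, tags stripped, HTML-encoded, entity remnants
	// replaced. These steps are HTML-oriented and are not SQL escaping; the
	// value must still be escaped where it is placed into a query.
	$namaakses = strip_tags(trim($rawNama));
	$namaakses = htmlspecialchars($namaakses);
	$namaakses = str_replace($arrSearch,$arrReplace,$namaakses);
	// Alias: tags stripped only; not HTML-encoded and not SQL-escaped here.
	$aliasAkses = strip_tags(trim($rawAlias));

	// Selected modules are joined into one string, each followed by the
	// "[break]" delimiter. Start from an empty string so the variable is
	// always defined, and skip non-string entries.
	// NOTE(review): the submitted module names are not checked against a list
	// of known modules in this file; confirm whether that happens elsewhere.
	$type_access = '';
	if (isset($_POST['status']) && isset($_POST['type']) && is_array($_POST['type'])) {
		foreach ($_POST['type'] as $value) {
			if (is_string($value)) {
				$type_access .= $value."[break]";
			}
		}
	}

	// Activation flag is taken as submitted.
	// NOTE(review): its valid values are not visible here; validate against
	// them once known.
	$aktivasi = (isset($_POST['aktivasi']) && is_string($_POST['aktivasi'])) ? $_POST['aktivasi'] : '';
	$tanggal = date("Y-m-d-H-i-s");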

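	// Validate the submitted group, then insert or update it. The outcome
	// message is left in $_SESSION['sesi_ver'] for the page the user is
	// redirected to.
	if (empty($namaakses)) {
		$_SESSION['sesi_ver'] = "Nama Akses Tidak Valid";
	} elseif (empty($type_access)) {
		$_SESSION['sesi_ver'] = "Setidaknya ada satu Modul Akses yang terpilih";
	} elseif ((isset($_POST['status'])) && ($_POST['status']=="tambah")) {
		// Every value placed inside the quoted SQL literals is escaped with
		// the same mysql extension that runs the query. The earlier
		// strip_tags()/htmlspecialchars() steps do not neutralise quotes, so
		// without this the request data could alter the statement.
		// (The unused random $kode the original generated here is dropped.)
		$sql = "INSERT INTO tbl_hakakses VALUES('"
			.mysql_real_escape_string($namaakses)."','"
			.mysql_real_escape_string($aliasAkses)."','"
			.mysql_real_escape_string($type_access)."','"
			.mysql_real_escape_string($aktivasi)."')";
		$qry = mysql_query($sql);

		// Report success only when the query actually succeeded.
		$_SESSION['sesi_ver'] = $qry
			? "Group Access ".$namaakses." has been added"
			: "Group Access ".$namaakses." could not be added";
	} elseif ((isset($_POST['status'])) && ($_POST['status']=="edit")) {
		// Key of the row being edited; missing or non-string input becomes
		// an empty key, which is then escaped like every other value.
		$kode = (isset($_POST['kode']) && is_string($_POST['kode'])) ? $_POST['kode'] : '';

		$sql = "UPDATE tbl_hakakses SET tipe='".mysql_real_escape_string($namaakses)
			."', alias='".mysql_real_escape_string($aliasAkses)
			."', keterangan='".mysql_real_escape_string($type_access)
			."', aktivasi='".mysql_real_escape_string($aktivasi)
			."' WHERE tipe='".mysql_real_escape_string($kode)."'";
		$qry = mysql_query($sql);

		$_SESSION['sesi_ver'] = $qry
			? "Group Access ".$namaakses." has been updated"
			: "Group Access ".$namaakses." could not be updated";
	}
	// NOTE(review): this script only checks that a login session exists. No
	// role check and no anti-CSRF token are visible here; confirm whether
	// they are enforced elsewhere before relying on this endpoint to protect
	// access-group changes.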
	
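	// Delete an access group when act_ver=hapus is present in the query string.
	// NOTE(review): this is a state-changing action triggered by a plain GET
	// with no anti-CSRF token visible in this file; consider requiring POST
	// plus a per-session token.
	if ((isset($_GET['act_ver'])) && is_string($_GET['act_ver']) && (strtolower($_GET['act_ver'])=="hapus")) {
		// Missing or non-string input becomes an empty key.
		$kode = (isset($_GET['kode']) && is_string($_GET['kode'])) ? $_GET['kode'] : '';

		// The key comes straight from the URL, so escape it before it is
		// placed inside the quoted SQL literal.
		$sql = "DELETE FROM tbl_hakakses WHERE tipe='".mysql_real_escape_string($kode)."'";
		$qry = mysql_query($sql);

		// The key is echoed back in the status message. It is HTML-encoded
		// here because, unlike the group name, it has not been through
		// htmlspecialchars().
		// NOTE(review): assumes sesi_ver is rendered without further
		// escaping; confirm against the template.
		$kodeLabel = htmlspecialchars($kode, ENT_QUOTES);
		$_SESSION['sesi_ver'] = $qry
			? "Group Access ".$kodeLabel." has been deleted"
			: "Group Access ".$kodeLabel." could not be deleted";
	}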
	
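	// Send the user back to the listing view they came from, or to the entry
	// page when no login session exists.
	if (isset($_SESSION['sesi_login'])) {
		// show/showview are copied from the query string into the redirect
		// URL. urlencode() stops a value containing "&", "#" or "=" from
		// adding or overriding parameters in the target URL; a missing or
		// array-valued parameter becomes empty.
		$show = (isset($_GET['show']) && is_string($_GET['show'])) ? $_GET['show'] : '';
		$showview = (isset($_GET['showview']) && is_string($_GET['showview'])) ? $_GET['showview'] : '';
		header("Location:../../?show=".urlencode($show)."&showview=".urlencode($showview)."&act=lihat&limitdown=0");
	} else {
		header("Location:../../index.php");
	}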

?>